基于springboot和redis实现单点登录

基于springboot和redis实现单点登录

本文实例为大家分享了基于springboot和redis实现单点登录的具体代码，供大家参考，具体内容如下

1、具体的加密和解密方法

package com.example.demo.util;

import com.google.common.base.Strings;

import sun.misc.BASE64Decoder;

import sun.misc.BASE64Encoder;

import javax.crypto.Cipher;

import javax.crypto.KeyGenerator;

import javax.crypto.spec.SecretKeySpec;

import java.security.SecureRandom;

/**

* Create by zhuenbang on 2018/12/3 11:27

*/

public class AESUtil {

private static final String defaultKey = "7bf72345-6266-4381-a4d3-988754c5f9d1";

/**

* @Description: 加密

* @Param:

* @returns: java.lang.String

* @Author: zhuenbang

* @Date: 2018/12/3 11:33

*/

public static String encryptByDefaultKey(String content) throws Exception {

return encrypt(content, defaultKey);

}

/**

* @Description: 解密

* @Param:

* @returns: java.lang.String

* @Author: zhuenbang

* @Date: 2018/12/3 11:30

*/

public static String decryptByDefaultKey(String encryptStr) throws Exception {

return decrypt(encryptStr, defaultKey);

}

/**

* AES加密为base 64 code

*

* @param content 待加密的内容

* @param encryptKey 加密密钥

* @return 加密后的base 64 code

* @throws Exception

*/

public static String encrypt(String content, String encryptKey) throws Exception {

return base64Encode(aesEncryptToBytes(content, encryptKey));

}

/**

* AES加密

*

* @param content 待加密的内容

* @param encryptKey 加密密钥

* @return 加密后的byte[]

* @throws Exception

*/

private static byte[] aesEncryptToBytes(String content, String encryptKey)llVFdCZr throws Exception {

KeyGenerator kgen = KeyGenerator.getInstance("AES");

SecureRandom random;

if (System.getProperty("os.name").toLowerCase().contains("linux")) {

random = SecureRandom.getInstance("SHA1PRNG");

} else {

random = new SecureRandom();

}

random.setSeed(encryptKey.getBytes());

kgen.init(128, random);

Cipher cipher = Cipher.getInstance("AES");

cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(kgen.generateKey().getEncoded(), "AES"));

return cipher.doFinal(content.getBytes("utf-8"));

}

/**

* base 64 加密

*

* @param bytes 待编码的byte[]

* @return 编码后的base 64 code

*/

private static String base64Encode(byte[] bytes) {

return new BASE64Encoder().encode(bytes);

}

/**

* 将base 64 code AES解密

*

* @param encryptStr 待解密的base 64 code

* @param decryptKey 解密密钥

* @return 解密后的string

* @throws Exception

*/

public static String decrypt(String encryptStr, String decryptKey) throws Exception {

return Strings.isNullOrEmpty(encryptStr) ? null : aesDecryptByBytes(base64Decode(encryptStr), decryptKey);

}

/**

* AES解密

*

* @param encryptBytes 待解密的byte[]

* @param decryptKey 解密密钥

* @return 解密后的String

* @throws Exception

*/

private static String aesDecryptByBytes(byte[] encryptBytes, String decryptKey) throws Exception {

KeyGenerator kgen = KeyGenerator.getInstance("AES");

SecureRandom random;

if (System.getProperty("os.name").toLowerCase().contains("linux")) {

random = SecureRandom.getInstance("SHA1PRNG");

} else {

random = new SecureRandom();

}

random.setSeed(decryptKey.getBytes());

kgen.init(128, random);

Cipher cipher = Cipher.getInstance("AES");

cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(kgen.generateKey().getEncoded(), "AES"));

byte[] decryptBytes = cipher.doFinal(encryptBytes);

return new String(decryptBytes);

}

/**

* base 64 解密

*

* @param base64Code 待解码的base 64 code

* @return 解码后的byte[]

* @throws Exception

*/

private static byte[] base64Decode(String base64Code) throws Exception {

return Strings.isNullOrEmpty(base64Code) ? null : new BASE64Decoder().decodeBuffer(base64Code);

}

}

2、这里获取的token很关键，每次登录都要生成新的token,token是根据userId和当前时间戳加密的

@Override

public String getToken(String userId) throws Exception {

String token = AESUtil.encryptByDefaultKey(Joiner.on("_").join(userId, System.currentTimeMillis()));

logger.debugv("token= {0}", token);

redisService.set(UserKey.userAccessKey, userId, token);

return token;

}

3、写一个解密的方法，解密把用户id拿出来，然后从-里拿出token和当前登录token做对比

@Override

public String checkToken(String token) throws Exception {

String userId = AESUtil.decryptByDefaultKey(token).split("_")[0];

String currentToken = redisService.get(UserKey.userAccessKey, userId, String.class);

logger.debugv("currentToken={0}", currentToken);

if (StringUtils.isEmpty(currentToken)) {

return null;

}

if (!token.equals(currentToken)) {

return null;

}

return userId;

}

4、-里具体处理，这里采用注解拦截，当controller有@Secured-才拦截

@Autowired

AuthTokenService authTokenService;

@Override

public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

if (handler instanceof HandlerMethod) {

HandlerMethod hm = (HandlerMethod) handler;

Secured secured = hm.getMethodAnnotation(Secured.class);

if (secured != null) {

String authToken = request.getHeader(UserConstant.USER_TOKEN);

if (StringUtils.isEmpty(authToken)) {

render(response, CodeMsg.REQUEST_ILLEGAL);

return false;

}

String userId = authTokenService.checkToken(authToken);

if (StringUtils.isEmpty(userId)) {

render(response, CodeMsg.LOGIN_FAILURE);

return false;

}

}

return true;

}

return true;

}

private void render(HttpServletResponse response, CodeMsg cm) throws Exception {

response.setContentType("application/json;charset=UTF-8");

OutputStream out = response.getOutputStream();

String str = JSON.toJSONString(Result.error(cm));

out.write(str.getBytes("UTF-8"));

out.flush();

out.close();

}

5、写一个测试登录接口和一个测试单点登录接口

/**

* @Description: 模拟登录

* @Param:

* @returns: com.example.demo.result.Result

* @Author: zhuenbang

* @Date: 2018/12/3 12:05

*/

@GetMapping("/login")

public Result login() throws Exception {

return authTokenService.login();

}

/**

* @Description: 模拟单点登录 @Secured这个方法-会拦截

* @Param:

* @returns: com.example.demo.result.Result

* @Author: zhuenbang

* @Date: 2018/12/3 12:35

*/

@Secured

@GetMapping("/testSSO")

public Result testSSO() {

return authTokenService.testSSO();

}

具体的实现

@Override

public Result login() throws Exception {

String userId = "123456";

return Result.success(this.getToken(userId));

}

@Override

public Result testSSO() {

return Result.success("登录状态正常");

}

postman 测试

单点登录测试

再次请求登录接口，然后不改变token接口如图

这个方式实现单点登录的关键就是根据userId的加密和解密的实现。

github地址：demo

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。